Abstract

We present a guardian-based approach to detecting 'babbling idiots', faulty nodes which erroneously consume extra resource in an event triggered system. In general, one cannot detect all babbling idiots, but the maximum effect of undetected faults is bounded and small, and therefore can be taken into account in worst case response time analysis to guarantee that a babbling idiot cannot cause a timing failure elsewhere in the system. The approach is applied specifically to the CAN protocol to protect against faulty nodes transmitting message frames too often. We show that the overhead of including the effect of undetected frames into the worst case response time analysis is small enough to be of practical value.